OPEN SOURCE LIBRARY SECURITY RATING
    Invention publication

    Publication No.: US20240338463A1

    Publication date: 2024-10-10

    Application No.: US18746458

    Application date: 2024-06-18

    Applicant: SAP SE

    Abstract: An open source library rating is generated for an open source library based on dependencies of the library, vulnerabilities of the library, an age of the library, a popularity of the library, a history of the library, or any suitable combination thereof. The rating of a specific version of a library may be generated based on a base score for all versions of the library and a version score for the specific version of the library. An authorization system receives a request from a developer to add a library to a software application. In response, the authorization system accesses a rating for the library. Based on the rating, the authorization system approves the request, denies the request, or recommends an alternative library.

    Open source library security rating

    Publication No.: US11709949B2

    Publication date: 2023-07-25

    Application No.: US17364112

    Application date: 2021-06-30

    Applicant: SAP SE

    Abstract: An open source library rating is generated for an open source library based on dependencies of the library, vulnerabilities of the library, an age of the library, a popularity of the library, a history of the library, or any suitable combination thereof. The rating of a specific version of a library may be generated based on a base score for all versions of the library and a version score for the specific version of the library. An authorization system receives a request from a developer to add a library to a software application. In response, the authorization system accesses a rating for the library. Based on the rating, the authorization system approves the request, denies the request, or recommends an alternative library.

    Automated dynamic security testing

    Publication No.: US11269997B2

    Publication date: 2022-03-08

    Application No.: US16539338

    Application date: 2019-08-13

    Applicant: SAP SE

    Abstract: A method, a system, and a computer program product for performing automated dynamic security testing. A generation of one or more requests is detected. The requests are generated by one or more user devices. A determination is made that the requests are associated with execution of a monitored software application. The determined requests are transmitted to one or more servers for executing a security scanning of the requests. The security scanning of the determined requests is executed to determine presence of one or more security threats associated with execution of the requests. A report of the execution of the security scanning is generated.

    AUTOMATED DYNAMIC SECURITY TESTING

    Publication No.: US20210049267A1

    Publication date: 2021-02-18

    Application No.: US16539338

    Application date: 2019-08-13

    Applicant: SAP SE

    Abstract: A method, a system, and a computer program product for performing automated dynamic security testing. A generation of one or more requests is detected. The requests are generated by one or more user devices. A determination is made that the requests are associated with execution of a monitored software application. The determined requests are transmitted to one or more servers for executing a security scanning of the requests. The security scanning of the determined requests is executed to determine presence of one or more security threats associated with execution of the requests. A report of the execution of the security scanning is generated.

    Anonymous and verifiable computer-implemented selection system

    Publication No.: US11621854B2

    Publication date: 2023-04-04

    Application No.: US16246882

    Application date: 2019-01-14

    Applicant: SAP SE

    Abstract: User-generated messages encapsulating selections from each of a plurality of entities for a selection task having a selection option are received via one or more interfaces presented by a selection processing system. For each selection, a different share of a signing key is obtained that has an identity associated with the selection task. For each selection, a different partial signature is generated by signing the messages using the associated share of the signing key. The partial signatures are combined into a threshold signature if a number of entities for a selection option specified by the task exceeds a pre-defined threshold. Data characterizing the results of the selection task can then be provided.

    Data protection and privacy regulations based on blockchain

    Publication No.: US11277411B2

    Publication date: 2022-03-15

    Application No.: US16218935

    Application date: 2018-12-13

    Applicant: SAP SE

    Inventors: Xun Sun, Jianmin Xue

    Abstract: Described herein includes a data controller that secures personal data and efficiently and reliably records data access events using blockchain. The system may include a data controller for: receiving a request to access data stored in a database on the data controller, the request including a web token; verifying the web token of the request; providing access to the data stored in the database; generating a data access event indicating that the data stored in the database has been accessed; and recording the data access event on a blockchain platform in accordance with blockchain.

    OPEN SOURCE LIBRARY SECURITY RATING

    Publication No.: US20210326462A1

    Publication date: 2021-10-21

    Application No.: US17364112

    Application date: 2021-06-30

    Applicant: SAP SE

    Abstract: An open source library rating is generated for an open source library based on dependencies of the library, vulnerabilities of the library, an age of the library, a popularity of the library, a history of the library, or any suitable combination thereof. The rating of a specific version of a library may be generated based on a base score for all versions of the library and a version score for the specific version of the library. An authorization system receives a request from a developer to add a library to a software application. In response, the authorization system accesses a rating for the library. Based on the rating, the authorization system approves the request, denies the request, or recommends an alternative library.

    Dynamic logging framework for multi-tenant cloud environment

    Publication No.: US10484234B1

    Publication date: 2019-11-19

    Application No.: US16004905

    Application date: 2018-06-11

    Applicant: SAP SE

    Abstract: Systems and methods are provided for receiving a notification of an issue with a cloud services application, determining that troubleshooting of the issue comprises review of server logs containing personal data, enabling a data protection and privacy log level instead of a default log level to capture the personal data, generating the one or more server logs containing personal data during replication of the issue based on detecting that the data protection and privacy log level is enabled, indexing the one or more server logs containing personal data and setting access permission to the one or more server logs, detecting that a specified retention time period for the personal data has lapsed, automatically purging the personal data of the one or more server logs based on detecting that the specified retention time period has lapsed, and recording a record that the personal data has been purged.

    Open source library security rating

    Publication No.: US12039060B2

    Publication date: 2024-07-16

    Application No.: US18205911

    Application date: 2023-06-05

    Applicant: SAP SE

    Abstract: An open source library rating is generated for an open source library based on dependencies of the library, vulnerabilities of the library, an age of the library, a popularity of the library, a history of the library, or any suitable combination thereof. The rating of a specific version of a library may be generated based on a base score for all versions of the library and a version score for the specific version of the library. An authorization system receives a request from a developer to add a library to a software application. In response, the authorization system accesses a rating for the library. Based on the rating, the authorization system approves the request, denies the request, or recommends an alternative library.
